S3 buckets

From MediaWiki
Revision as of 16:48, 11 November 2024 by Sst-la1 (talk | contribs) (→‎Operations)
Jump to navigation Jump to search

Overview

This page describes the creation and management of S3 buckets in our OpenStack-based stoney cloud.

Credential pair

In order to use the S3 API you have to create EC2 (Amazon Elastic Compute Cloud) credentials using the OpenStack Keystone service.

This section will guide you through the creation process in our OpenStack-based cloud.

Credential pair - Create

Create new EC2 credentials in OpenStack using the OpenStack-CLI:

openstack ec2 credentials create

This will give you an output in the following format:

+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                          |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| access     | tpvx3i0gk5rf4duomnr7davjxl517z9c                                                                                                               |
| links      | {'self': 'https://api.os.stoney-cloud.com:5000/v3/users/tpvx3i0gk5rf4duomnr7davjxl517z9c/credentials/OS-EC2/tpvx3i0gk5rf4duomnr7davjxl517z9c'} |
| project_id | hw3rr6x6ktyuv7erwpuyxbijihx1phdw                                                                                                               |
| secret     | 6lifckxv1005z60csekl7qynwxwbv3re                                                                                                               |
| trust_id   | None                                                                                                                                           |
| user_id    | tpvx3i0gk5rf4duomnr7davjxl517z9c                                                                                                               |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+

Credential pair - Show

If you ever need to look the credentials up again, use the following command:

access_id=tpvx3i0gk5rf4duomnr7davjxl517z9c
openstack ec2 credentials show ${access_id}

This will give you an output formatted like this:

+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                          |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| access     | tpvx3i0gk5rf4duomnr7davjxl517z9c                                                                                                               |
| links      | {'self': 'https://api.os.stoney-cloud.com:5000/v3/users/tpvx3i0gk5rf4duomnr7davjxl517z9c/credentials/OS-EC2/tpvx3i0gk5rf4duomnr7davjxl517z9c'} |
| project_id | hw3rr6x6ktyuv7erwpuyxbijihx1phdw                                                                                                               |
| secret     | 6lifckxv1005z60csekl7qynwxwbv3re                                                                                                               |
| trust_id   | None                                                                                                                                           |
| user_id    | tpvx3i0gk5rf4duomnr7davjxl517z9c                                                                                                               |
+------------+------------------------------------------------------------------------------------------------------------------------------------------------+

Credential pair - Delete

If you need to delete your credentials, you can so like this:

access_id=tpvx3i0gk5rf4duomnr7davjxl517z9c
openstack ec2 credentials delete ${access_id}

When running 'delete' you should get no response apart from the status code 0.

General usage

When using the S3 technology, you have different possible cli-tools. The most popular implementations are:

  • aws
  • s3cmd

This page focuses on the usage of those two implementations.

General usage - Connect

General usage - Connect - AWS client

This section explains the general usage such as configuring the connection using the AWS-client.

General usage - Connect - AWS client - Installation

Install the awscli using your favorite package manager:

# Fedora/RHEL
sudo dnf install awscli
# Ubuntu/Debian
sudo apt install awscli
# Alpine Linux
sudo apk add aws-cli
# Arch Linux
sudo pacman -S aws-cli

General usage - Connect - AWS client - Configuration

After installing the awscli package, you can configure it like so:

aws configure

The configuration helper will prompt you to enter the following information:

AWS Access Key ID [None]: tpvx3i0gk5rf4duomnr7davjxl517z9c # access (from EC2 credentials)
AWS Secret Access Key [None]: 6lifckxv1005z60csekl7qynwxwbv3re # secret (from EC2 credentials)
Default region name [None]: # leave empty
Default output format [None]: json # set to json

This will then create config files on your machine in the following locations:

  • ~/.aws/config
  • ~/.aws/credentials

General usage - Connect - AWS client - Cheatsheet

Short overview of available commands when using s3cmd:

Cheatsheet
Command Description
aws s3api list-buckets
or
aws s3 ls
Show available buckets
aws s3api create-bucket <bucket-name>
Create a bucket
aws s3api delete-bucket --bucket <bucket-name>
Delete a bucket
aws s3api list-objects --bucket <bucket-name>
Show content of a bucket
aws s3api help
Show all command available

General usage - Connect - S3cmd

This section explains the general usage such as configuring the connection using the S3cmd-client.

General usage - Connect - S3cmd - Installation

Install the s3cmd using your favorite package manager:

# Fedora/RHEL
sudo dnf install s3cmd
# Ubuntu/Debian
sudo apt install s3cmd
# Alpine Linux
sudo apk add s3cmd
# Arch Linux
sudo pacman -S s3cmd

General usage - Connect - S3cmd - Configuration

To configure s3cmd, create a configuration file like so:

# Create file
touch ~/.s3cfg

# Edit file
vim ~/.s3cfg

The configuration file should include the following options:

access_key = <access> # replace with your access key of the ec2 credential
secret_key = <secret> # replace with your secret key of the ec2 credential
host_base = api.os.stoney-cloud.com:9000
host_bucket = api.os.stoney-cloud.com:9000

General usage - Connect - S3cmd - Cheatsheet

Short overview of available commands when using s3cmd:

Cheatsheet
Command Description
s3cmd ls
Show available buckets
s3cmd mb s3://<bucket-name>
Create a bucket
s3cmd rb s3://<bucket-name>
Delete a bucket
s3cmd ls s3://<bucket-name>
Show content of a bucket
s3cmd put <file> s3://<bucket-name>
Put file into bucket
s3cmd get s3://<bucket-name>/<file-name>
Get file from bucket
s3cmd [del|rm] s3://<bucket-name>/<file-name>
Delete file from bucket
s3cmd du
Show disk usage of buckets
s3cmd --help
Show all command available

Operations

Operations - Versioning

This section explains how to enable versioning for an s3 bucket.

Operations - Versioning - AWS

To enable versioning for a certain bucket, use the following command:

aws --endpoint-url  https://... s3api get-bucket-versioning  --bucket test

Operations - Versioning - S3cmd

Operations Retention policy